Руководство Разработчика для Cisco Cisco Firepower Management Center 4000

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

711

Understanding Legacy Data Structures

Legacy Host Data Structures

Appendix B

 

Host Profile Data Block for 5.1.x

The following diagram shows the format of a Host Profile data block. The data 

block also does not include a host criticality value, but does include a VLAN 

presence indicator. In addition, a data block can convey a NetBIOS name for the 

host. The Host Profile data block has a block type of 132.

An asterisk(*) next to a block type field in the following diagram 

indicates the message may contain zero or more instances of the series 1 data 

block.

Attribute Value 

Data Blocks *

variable

List of Attribute Value data blocks. See 

 on page 253 for a description 

of the data blocks in this list.

Mobile

uint8

A true-false flag indicating whether the 

operating system is running on a mobile device.

Jailbroken

uint8

A true-false flag indicating whether the mobile 

device operating system is jailbroken.

Full Host Profile Record 5.2.x Fields (Continued)

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Host Profile Block Type (132)

Host Profile Block Length

IP Address

Server

 

Fingerprints

Hops

Primary/Secondary

Generic List Block Type (31)

Generic List Block Type, continued

Generic List Block Length

Generic List Block Length, continued

Server Fingerprint Data Blocks*

Client 

Fingerprints

Generic List Block Type (31)

Generic List Block Length

Client Fingerprint Data Blocks*